U.S. DoD Contractors Respond to Hacks Like Russian ‘Fancy Bear’

In February 2018, it was revealed that Russian hackers had exploited a loophole in the security systems of U.S. defense contractors in an attempt to steal some of the country’s biggest secrets. According to an Associated Press investigation, the Russians attempted to steal advanced defense technology by exploiting weaknesses in email security.

The Fancy Bear Attack

It is not clear what the hacking group, known as Fancy Bear, managed to steal. However, the threat is enough to make U.S. defense contractors worried. The hackers, who are also accused of interfering in the election in 2016, targeted at least 87 people working on some of the most sensitive defense technologies: military drones, rockets, stealth fighter jets, missiles, and cloud-computing platforms used by the military.

Fancy Bear used a phishing technique to gain access to data, according to an investigation into the hacking incident. They sent emails primarily to people’s personal Gmail accounts, as well as to a few corporate accounts, that contained phishing links. Worryingly, 40 percent of the people targeted clicked on these links, allowing hackers to take the first step toward being able to hack their targets’ accounts and computers.

In May 2015, Fancy Bear targeted the Gmail account of a senior engineer who was working on the X-37B project at Boeing. Just two weeks earlier, the Russian Deputy Prime Minister had expressed concern that this unmanned space plane was allowing the United States to push ahead in the realm of space flight. Clearly, the Russians had decided to use cyber warfare to prevent the U.S. from gaining a technological edge.

Boeing’s X-37B technology was not the only U.S. project targeted by the hackers; Fancy Bear also went after people who were working on cloud-based services, trying to get hold of classified data from contractors that work for the FBI and other U.S. intelligence agencies.

Fighting Back Against Foreign Government Attacks

In this age of cyber warfare, the United States government is keen to protect data from attacks by foreign powers. However, the way that data is often distributed among various defense departments and third-party contractors makes this difficult.

The response of the Department of Defense to the threat is DFARS (Defense Federal Acquisition Regulation Supplement). This government mandate extends the Federal Acquisition Regulation (FAR) to increase the scope of the regulations that U.S. defense contractors must follow to ensure that all the sensitive data they handle is kept safe.

What is DFARS?

In simple terms, DFARS is a set of new regulations that applies to all contractors that supply goods and services to the Department of Defense (DoD). It requires contractors to protect DoD information through a range of guidelines that are outlined in a document called NIST.

Contractors must also report cyber incidents to the DoD within 72 hours. This reporting requirement ensures that the DoD is able to track the threats that are currently facing U.S. companies. However, it poses a headache for DoD contractors who do not yet have adequate systems set up to monitor activity on their networks.

Contractors who fail to comply with DFARS risk losing their DoD contracts. They may also face fines if they put U.S. DoD information at risk. In the light of escalating tensions between the United States and Russia, the Department of Defense is keen to crack down on all weaknesses that could expose sensitive data to potentially hostile foreign powers.

How DoD Contractors Are Complying With DFARS

DFARS compliance is a big challenge for many businesses, particularly small contractors who do not have large IT departments or significant resources to spend on improving security. For these companies, the best option is usually to work with a U.S. IT company to ensure compliance. By outsourcing compliance in this way, DoD contractors can remain free to focus on their core business operations. Working with an IT company is also, in many cases, much more cost-effective than hiring professionals and purchasing tools to manage their own security systems in house. For more information on DoD Contractors can can comply with DFARS, please see our DFARS guide here.

How IT Companies Help DoD Contractors Comply With DFARS

IT companies that specialize in managed cyber security, more specifically DFARS consulting, are prepared to help DoD contractors to comply with DFARS. The first step an IT company takes is to assess the contractor’s current IT systems to identify any gaps in security.

Once potential weaknesses have been identified, the IT company can take action to secure the network and reduce the risk of a successful hacking attack. As part of ensuring compliance, the IT company will also set up systems that can detect and report cyber threats, allowing the DoD contractor to meet the requirement to report all incidents within 72 hours.

Unlike many contractors, IT companies employ professionals who are leading experts in the field of cyber security. These professionals have the skills and experience necessary to protect against all kinds of cyber threats. They keep up to date with the latest techniques that Russian hackers and other groups of cyber criminals are using to try to steal data from U.S. defense contractors. This expertise allows them to take action to reduce the risk of a successful attack.